Security Incidents mailing list archives

Previous By Date Next
Previous By Thread Next

Re: yes, its t0rn again

From: Helmut Springer <delta () FAVEVE UNI-STUTTGART DE>
Date: Thu, 4 Jan 2001 14:29:26 +0100
On Wed 2001-01-03 (15:51), Andreas Hasenack wrote:

That may also not be enough. A library could have been hacked,
md5sum should be statically linked. And, if a kernel module has
been inserted, then all bets are off, you would have to reboot
from a known kernel to be sure.


if you're playing rough you won't have modules support in the kernel
(as long as you can't make sure modules can't be tampered) and a
read only boot media checking the system from a read only core
system on startup.

yes, that somewhat makes system maintenance a pain.  the price to
pay.

--
MfG/best regards, helmut springer         Die andern schon scheintot,
                                          Du springst aufs Podest...
                                          Du bist besser dran, Brille,
                                          besser, viel besser als der Rest.
Previous By Date Next
Previous By Thread Next

Current thread: